Contact us
Jump to content

  • Articles

    Our website articles
    Sagar Kamde
    In today's data-driven world, businesses need effective data visualizations to make informed decisions and ibi™ WebFOCUS® stands out by offering user-centric design solutions that transform complex data into intuitive visual insights. Here are some best practices to enhance your data visualizations using WebFOCUS.
    Know Your Audience
    Before designing any visualization, it's essential to understand your audience or persona. Who will be consuming this visualization? Are they executives needing high-level overviews or analysts requiring detailed data? Tailoring your visuals to the audience's needs ensures better comprehension and engagement with the visualization.
    Make it Simple
    WebFOCUS allows for sophisticated data integrations, but simplicity is key. Use Progressive disclosure technique to build clear, concise charts and provide a clear interaction to access more details. In short, avoid overloading users with too much information at once. Interactive features can help users drill down into details without cluttering the main view.
    Choose the Right Visuals
    Selecting appropriate visualization types is very Important. For instance, use bar charts for comparisons, line charts for trends over time, and pie charts for part-to-whole relationships. WebFOCUS provides a variety of visualization options to match your data’s story. Knowing effective data visualization is crucial, and the Data Visualisation Catalog is a comprehensive resource for enhancing your data storytelling skills. It offers an extensive array of visualization types, each described in detail with examples and best use cases. Whether you're a seasoned data analyst or a beginner, this catalog can help you find the perfect visual representation for your data, ensuring clarity and impact in your presentations and reports.
    Consistency is Key
    Maintain consistency in colors, fonts, and styles across your visualizations. This not only makes your dashboards look professional but also helps users quickly recognise patterns and insights. Collaborate with your administrators to create custom themes that align with your organization's needs and ensure every visualization is consistent.
    Leverage Interactivity
    Interactive dashboards are more engaging and informative. WebFOCUS enables features like tooltips, drill-downs, and filtering, allowing users to interact with the data and explore it in depth. This interactivity leads to more meaningful insights.
    Test and Iterate your Data Visuals
    Talk to your users, gather feedback and continually refine your visualizations.
    Conclusion
    By focusing on user-centric design principles, you can create powerful, effective data visualizations with WebFOCUS. These best practices will help ensure that your visualizations are not only visually appealing but also highly functional and user-friendly. While these principles provide a solid foundation, don't be afraid to experiment and innovate. Sometimes, stepping outside the conventional boundaries can lead to groundbreaking output. Trust your instincts and use your best judgment to create visuals that truly resonate with your users.
    Manali Ratnaparkhi
    Introduction
    User experience (UX) is paramount in today's fast-paced digital world. A refined UX can significantly boost efficiency and user satisfaction for tools like WebFOCUS ReportCaster, which play a pivotal role in business intelligence and reporting, enabling users to schedule, manage, and distribute reports. However, as user expectations evolve, it's crucial to enhance the UI/UX of ReportCaster to ensure it remains intuitive, efficient, and engaging. This article delves into key UX enhancements that have transformed WebFOCUS ReportCaster into an even more powerful and intuitive tool.
     
     
    Understanding the Current UX
    We tried to solve the problem with the old UI, the Bindows UI, which needed to be updated, and consistent with our new branding. It was slightly harder to use. It didn’t have a modern look and feel like any modern UI. Once we applied the design principles and contemporary UI, which we’ve applied with the rest of the Hub, we would achieve a better User Experience for ReportCaster.
    Also, ReportCaster was a separate tool. We tried to integrate it into the Hub. We made an effort to streamline the workflow where we have unified the visual design and made sure it looks like it’s part of the larger tool.
     
     
    Identified Key Areas for Improvement
    Users have highlighted several areas where the UX could be improved, including 
    Streamlined Navigation: Simplifying navigation to reduce clutter and improve ease of use.
    Modernized Interface Design: Making the UI consistent with the rest of the Hub, which has the new product branding, which is more intuitive and engaging.
    The above two UX improvements are achieved in the ReportCaster Scheduler, Distribution List and Access List, released in the 9.3 version. We’ve followed the same UX enhancements for ReportCaster Explorer which will be available in the coming release. Let’s talk in more detail about how these specific enhancements were achieved.
     
    Implemented UX Enhancements
    1. Streamlined Navigation
    Implement a cleaner, more intuitive, minimalist design that reduces clutter and makes navigation straightforward. Group related functionalities logically and ensure that key features are easily accessible from the Hub.
     
    2. Modernized Interface Design
    Modernizing the interface design of WebFOCUS ReportCaster is a critical step towards enhancing the overall user experience. A well-designed interface looks aesthetically pleasing and improves usability, accessibility, and efficiency. Here’s a detailed breakdown:
     
    Adopting a Minimalist Design Approach
    Less Clutter, More Focus: Simplify the interface by removing unnecessary elements. Focus on the essential functions and information, ensuring users can easily find what they need without distractions.
    Whitespace Utilization: Use whitespace effectively to create a clean and balanced layout. Whitespace helps differentiate elements, making the interface less overwhelming and easier to navigate.
     
    Implementing a Consistent Design Language
    Uniform Style: Use a consistent design language throughout the interface. This includes uniform fonts, colors, buttons, and icons. Consistency helps users familiarize themselves with the interface quickly and reduces cognitive load.
    Design System: Use the existing design system or style guide that outlines the visual and interaction patterns to be used across the platform. This ensures that all UI components are cohesive and aligned.
     
    Enhancing Visual Hierarchy
    Prioritizing Content: Arrange interface elements in a way that reflects their importance. Use size, color, and placement to guide users’ attention to the most critical elements first.
    Clear Call-to-Actions: Design buttons and links that stand out. Ensure that primary actions are prominently displayed and secondary actions are easily accessible but less visually dominant.
     
    Accessibility Considerations
    Color Contrast and Readability: Ensure that the color contrast between the text and background is sufficient for readability. Use accessible fonts and font sizes to cater to users with visual impairments.
    Keyboard Navigation: Design the interface to be fully navigable using a keyboard. Include focus indicators and shortcuts to assist users who rely on keyboard navigation.
    In short, eliminate the old Bindows UI and adopt a minimalist design approach with a focus on Usability. Use modern UI elements, which are present in our Design System to provide a seamless experience. 
     
     
    Illustrating the Benefits
    WebFOCUS ReportCaster offers a more user-friendly and efficient experience by implementing these UX enhancements. Users will benefit from:
    Increased Efficiency with Streamlined navigation.
    Higher Satisfaction with a modern interface. 
    Better Adoption Rates with an intuitive design.
     
    Conclusion
    Enhancing the UX of WebFOCUS ReportCaster is not just about meeting current user expectations but also about paving the way for future growth and innovation. By focusing on key areas like navigation and design, we have transformed ReportCaster into a tool that meets and exceeds user needs. Continuous investment in UX is essential for staying ahead in the competitive business intelligence landscape.
    What are your thoughts on these implemented UX enhancements? Share your feedback and ideas to help us create an even better user experience. Let's work together to make WebFOCUS ReportCaster the best it can be!
     
    Karishma Khadge
    In today's fast-paced business landscape, the ability to derive actionable insights from data quickly is paramount. Data scientists and analysts are tasked with the challenge of turning vast amounts of information into valuable insights that drive strategic decision-making. In this article, we'll explore how WebFOCUS, a leading business intelligence and analytics platform, empowers users to gain insights through its robust feature name “Instant Insights”

    Instant Insights with WebFOCUS:
    WebFOCUS is designed to streamline the data-to-insights journey, enabling users to uncover valuable information in real-time. Here's how WebFOCUS facilitates instant insights:

    Interactive Data Exploration:
    WebFOCUS offers interactive data exploration capabilities that allow users to visually analyze data and uncover insights on-the-fly. With intuitive and interactive visualizations, users can drill down into data, apply filters, and explore trends dynamically. This enables rapid discovery of patterns, anomalies, and correlations without the need for extensive coding or manual analysis.

    Self-Service Analytics:
    Empowering users with self-service analytics capabilities is a key feature of WebFOCUS Instant Insights. With self-service tools, business users can access and analyze data independently, reducing reliance on IT or data science teams. WebFOCUS provides a user-friendly interface that enables non-technical users to create ad-hoc reports, build customized dashboards, and perform self-guided analysis, fostering a culture of data-driven decision-making across the organization.


     
    WebFOCUS is not limited to just Instant Insights. WebFOCUS also  integrates predictive analytics capabilities, allowing users to not only explore current data but also forecast future trends and outcomes. By utilizing machine learning algorithms and predictive modeling techniques, users can generate insights that reveal potential future scenarios based on historical data. This seamless integration of predictive analytics within the Instant Insights feature enables users to quickly identify emerging trends, anticipate customer behavior, and make informed decisions with a forward-looking perspective. 
     
    Whether it's predicting customer churn, forecasting sales volumes, or optimizing supply chain operations, WebFOCUS ensures that users have the foresight to stay ahead in a dynamic business environment. Stay tuned for our next blog to learn more about how WebFOCUS provides predictive analytics capabilities.

    Conclusion:
    In conclusion, WebFOCUS offers a comprehensive suite of features and best practices that enable users to gain instant insights from data. From interactive data exploration and self-service analytics to real-time data integration, predictive analytics, and natural language processing, WebFOCUS empowers users to uncover valuable insights quickly and efficiently. By leveraging these capabilities, organizations can accelerate decision-making, drive innovation, and gain a competitive edge in today's data-driven world.
    Pablo Alvarez
    After Oracle announced that their Java release wouldn’t be free anymore for production environments, several customers wanted to get rid of it and started using OpenJDK packages instead. ibi already moved on the same path and we started using OpenJDK in our products a few releases ago (even we went back to Oracle in the latest versions).
    This documentation will try to help you moving from Oracle to OpenJDK.
    In my case, I’m going to use Adoptium as my Java OpenSource JDK. So, to use the 11 release, I had to install Temurin: https://adoptium.net/temurin/archive/?version=11
    Once installed, there are a few steps that need to be performed to make WebFOCUS work with this new JDK.
    As WebFOCUS installs by default its own Java (depending on the platform), the easiest way (in my opinion) is, with the services stopped, no matter if Linux/UNIX or Windows, to rename the folders where they are located, for example C:\ibi\tomcat\jdk and C:\ibi\WebFOCUS93\jdk
    That way the product won’t be able to find this Oracle Java release, but it’ll also fail to start services or make calls. 
    To fix that, I recommend to create soft links to point to the desired Java release and keeping the files for the product untouched, for example, if I have my Adoptium Java installed on 
    C:\Java\Adoptium → Inside I’ve the C:\Java\Adoptium\jdk11
     
    On Linux it’s as follows:
    /usr/etc/adoptium → And inside the jdk11: /usr/etc/adoptium/jdk11
     
    So for Windows, I use the mklink command:
    mklink /D C:\ibi\tomcat\jdk C:\Java\Adoptium\jdk11
    mklink /D C:\ibi\WebFOCUS93\jdk C:\Java\Adoptium\jdk11
     
    On Linux/UNIX:
    ln -s /usr/etc/adoptium/jdk11 /opt/ibi/tomcat/jdk
    ln -s /usr/etc/adoptium/jdk11 /opt/ibi/WebFOCUS93/jdk
     
    That’ll fix some part of the issues you can find when migrating to OpenJDK, most of them if you already have the product installed and based on the Oracle Java release, so let’s go for the next ones…
    In case that you use Derby as Repository, it also has it’s own jdk inside, so you’ll need to repeat the process for the softlinks there as well: C:\ibi\derby\jdk.
     
    ENVIRONMENT VARIABLES
    You’ll need to replace the JAVA_HOME, JDK_HOME and JRE_HOME (if needed) to point to hte new ones
    I created an ADOPTIUM_HOME environment variable on my Windows box, so I just have to replace the rest of them pointing to that one.
    This is what I had before:
    JAVA_HOME=C:\Java\Oracle\jdk11
    JDK_HOME=%JAVA_HOME%
    JRE_HOME=%JAVA_HOME%\jre 
    And now I have it as follows:
    ADOPTIUM_HOME=C:\Java\Adoptium\jdk11
    JAVA_HOME=%ADOPTIUM_HOME%
    JDK_HOME=%JAVA_HOME%
    JRE_HOME=%JAVA_HOME%\jre
    If using command lines Windows uses ‘set’:
    set ADOPTIUM_HOME=C:\Java\Adoptium\jdk11
    set JAVA_HOME=%ADOPTIUM_HOME%
    After that, you can just type ‘set’ on a command prompt and you’ll see if your changes are in place.
    This way, I just need to switch the JAVA_HOME back to the Oracle one in case I want to revert my changes.
    On Linux it’s quite similar, you must replace the old values for the new ones 
    set ADOPTIUM_HOME=/usr/etc/adoptium/jdk11
    set JAVA_HOME=$ADOPTIUM_HOME
    (notice that in Linux, instead of use %variablevalue% it is just $variablevalue)
    Type ‘env’ on a command prompt to see if the changes have been made.
    WebFOCUS
    For the Reporting Server side, there’s not too much to do, as it picks the values from the environment variables, so just check that your JAVA service (JSCOM) is using the OpenJDK one and that should be all. 
    For the WebFOCUS Client, as it picks Java from Tomcat, there’s nothing much to do there either. In Windows, you can change the default JVM being used on Tomcat’s Configuration Utility, but if you’ve correctly created the soft links, you don’t need to change it:
     

     
    The same happens with WebFOCUS ReportCaster, WebFOCUS Search (Solr) and Derby. If the soft links are correctly configured, nothing else needs to be done.

    We’ll have a separate chapter for AppStudio in a few.
    Just in case you want to keep (in Windows) one service to be used with Oracle Java (or different OpenJDK releases), and another with your new OpenJDK, you can follow these steps… 
    For ReportCaster, copy and rename the ‘service.bat’ file under C:\ibi\WebFOCUS93\ReportCaster\bin, with a different name, like ‘service_openjdk.bat’ and edit it.
    Modify some entries there to point to your desired OpenJDK environment variables:

     
    Notice that I’ve replaced the JAVA_HOME that already pointed to the soft link I created just for this documentation, that C:\ibi\WebFOCUS93\jdk can be the Oracle Java one and ReportCaster can use the Adoptium one doing these changes.
    I’ve also modified the name which the service will use to be created:

     
    And with these changes, you can now run it passing as parameters the ‘install’ option and some extra text that will be added to differentiate:
    service_openjdk.bat install RCAdoptium 
    Now you have a new service that will use the OpenJDK to start ReportCaster:

     
    If you have issues starting this service, check the properties of the service and make sure that at the Log On tab you have the Local System Account checked:
     

     
    You can do the same for Solr by editing the file ibi_solr_service_cfg.ps1 under C:\ibi\WebFOCUS93\Solr
     

     
    Remember that you just can have one of each service up and running, as both will use the same configuration files, hence they’ll be using the same ports.
     
    WebFOCUS AppStudio 
    For the WebFOCUS AppStudio, things are a little bit different, if you already have it installed, you just need to follow the ‘rename and create soft link’ tasks as we did for the WebFOCUS93 folder but under C:\ibi\AppStudio93\jdk, and that should be all.
     
    But… if you don’t have it installed and you don’t want to use Oracle Java at all you have two options. The AppStudio installer first uncompresses the installation, which contains Oracle Java, and uses that one for the installation. If you don’t want to use it at all (even if you don’t have it installed on your server, the installer will use the one that comes with it), here are the options:
    Option 1: Through the command line export this variable:
    set JAVA_TOOL_OPTIONS=”-Dos.name=Windows 7” 
    This will enable the compatibility mode for the CMD installer
    o    Execute the installation with the following command: IBI_wf-as_9.3.0_win_x86_64.exe LAX_VM “C:\Java\Adoptium\jdk11\bin\java.exe”
    o    Once installed, repeat the process for creating the soft link under C:\ibi\AppStudio93\jdk pointing to your OpenJDK Option 2: Uncompress the IBI_wf-as_9.3.0_win_x86_64.exe for example under C:\Temp\IBI_wf-as_9.3.0_win_x86_64 Replace the C:\Temp\IBI_wf-as_9.3.0_win_x86_64Windows_Pure_64_Bit\resource\jre with the one that comes with your OpenJDK (C:\Java\Adoptium\jdk11\jre) Install the product using the following commands:
    SET JAVA_TOOL_OPTIONS="-Dos.name=Windows 7"
    C:\Temp\IBI_wf-as_9.3.0_win_x86_64\Windows_Pure_64_Bit\installWebFOCUS930.exe LAX_VM "C:\Temp\IBI_wf-as_9.3.0_win_x86_64\Windows_Pure_64_Bit\resource\jre\bin\java.exe  
    Wait for the product to finish the installation and that’ll be all.
    Happy OpenSource executions!
    Pablo Alvarez
    We’ve recently seen an increase in cyberattacks on enterprises around the world. And as everybody knows, the weakest point in our companies is… US. Humans are the weakest entry point and the one that most hackers will use to access our company assessments.
    Because of that, several of our customers have recently asked how they can enable MFA (Multi-Factor Authentication) on their WebFOCUS installations.
    Adding this extra layer of security will require our users to interact with a device, so even if they don’t have a strong password, this method won’t allow them to provide or ‘write it on a post-it attached to the monitor’. That way, even if the hacker can get our password and account, they’ll need to have physical access to our device.
     
    OAuth MFA
    For this sample I’ll be using Google as the OAuth provider, you can start configuring it following the instructions on: https://developers.google.com/identity/openid-connect/openid-connect, but you can use your own OAuth IdP.
    I’ve used the FQDN of my computer on the information there: 
     

    The Authorized redirect URIs must match the one that you use to access WebFOCUS from your browser, but you’ll also need to add the jsp that will validate the token that will be returned from your Identity Provider:
                https://fqdn:port/ibi_apps/service/wf_openidconnect_security_check.jsp
    Replace fqdn with the fully qualified domain name of your box and port for your application server port number where WebFOCUS is deployed.
    This part is the important one, as there’s not too much to configure on the WebFOCUS side apart from that. 
    In my case, my OAuth consent screen doesn’t have any additional scopes configured apart from the email one, so I’m not limiting the scopes that I receive from Google:
     

     
    My WebFOCUS Security configuration just has the default content for Google (you can change those URLs for the ones of your IdP), and you’ll need to add the ClientID and ClientSecret there. I also changed the Attribute Name for User ID to match Google’s scope, and left the Optional one as ‘email’ as well:
     

     
    Saving changes and restarting the Application Server is the last thing you need to do, once restarted, you should be able to use SSO against OAuth.
     

     
     
    Once done, you should be able to connect to WebFOCUS using your Google account, and if you have configured the 2nd MFA method there, you are already done, but if not, just access your Google account to manage your profile and enable it (https://myaccount.google.com/u/1/security): 
     


     
    Here you can see it in action:
     
     
    Another method for MFA you can use is SAML instead of OAuth.
    At this case, I’ve been requested twice for the MFA, because the account that I use to login into SAML is my Google one, so I’m being prompted first to access my google account, and secondly in SAML.
    Your IdP should have an option under the security configuration to enable MFA, I’m using OKTA, and there I’ve enabled the Okta Verify (Application for your Mobile devices) and also the Google Authenticator one:
     


     

     
    Here’s a short screen-recording of how it works:
    Happy & Secure connections!
    Pablo Alvarez
     
    Sachin Sancheti
    This article will help you to deploy the WebFOCUS Container Edition using shipped images onto the single node cluster created using Openshift on Linux or Mac.
    Please note that WFCE deployment on Openshift cluster on Mac is NOT certified and recommended for production usage.
    Pre-requisite: To deploy the WebFOCUS Container Edition onto the cluster you will need software/tools - Helm, Helmfile, and Docker.
    Let's get started...
     
    Deployment Steps
              1. Download Openshift local installer from:
                  https://console.redhat.com/openshift/create/local

              2. Install openshift local installer -  crc-linux-amd64.tar.xz (linux) / crc-macos-installer.pkg (mac)
              3. Setup openshift cluster using terminal
    crc setup  
              4.  Update openshift cluster configuration to allocate more cpu, memory and diskspace
    crc config set memory 16000 crc config set cpus 6 crc config set disk-size 80  
              5. Once completed start cluster instance (this might take 10-15 mins)
    crc start Provide pull secret (one time activity copy from https://console.redhat.com/openshift/create/local)
    Once created user should get below details:

     
             6. Update docker configuration to allow push images to insecure openshift local registry
    For Linux:
    vi ~/etc/docker/daemon.json Add below entry
    {     "insecure-registries" : [ "default-route-openshift-image-registry.apps-crc.testing:443" ] } And then restart docker (for linux)
    sudo systemctl daemon-reload sudo systemctl restart docker  
    For Mac:
    Update settings using docker desktop and restart

     
             7. Login to Openshift cluster as a developer user
    eval $(crc oc-env) oc login -u developer https://api.crc.testing:6443  
             8. Create new openshift project
    oc new-project webfocus  
             9. Download IBI_wfce_images_1.3.0.tar and IBI_wfce_1.3.0.tar from eDelivery
    Load docker images
    docker load -i IBI_wfce_images_1.3.0.tar Once completed verify using
    docker images Should show below list

     
             10. Tag and Push images to crc registry 
    docker login -u `oc whoami` -p `oc whoami --show-token` default-route-openshift-image-registry.apps-crc.testing:443 docker image tag ibi2020/webfocus:wfs-9.3-1.3.0 default-route-openshift-image-registry.apps-crc.testing:443/webfocus/repo:wfs-9.3-1.3.0 docker image push default-route-openshift-image-registry.apps-crc.testing:443/webfocus/repo:wfs-9.3-1.3.0 docker image tag ibi2020/webfocus:wfs-etc-9.3-1.3.0  default-route-openshift-image-registry.apps-crc.testing:443/webfocus/repo:wfs-etc-9.3-1.3.0 docker image push default-route-openshift-image-registry.apps-crc.testing:443/webfocus/repo:wfs-etc-9.3-1.3.0 docker image tag ibi2020/webfocus:wfc-9.3-1.3.0  default-route-openshift-image-registry.apps-crc.testing:443/webfocus/repo:wfc-9.3-1.3.0 docker image push default-route-openshift-image-registry.apps-crc.testing:443/webfocus/repo:wfc-9.3-1.3.0 docker image tag ibi2020/webfocus:cm-9.3-1.3.0   default-route-openshift-image-registry.apps-crc.testing:443/webfocus/repo:cm-9.3-1.3.0   docker image push default-route-openshift-image-registry.apps-crc.testing:443/webfocus/repo:cm-9.3-1.3.0  
    Verify once completed using below command:
    oc get imagestreams repo -n webfocus  -o jsonpath='{range .status.tags[*]}{.tag}{"\n"}' Expected output is

     
             11. Untar IBI_wfce_1.3.0.tar
    tar -xvf IBI_wfce_1.3.0.tar Above command will extract the IBI_wfce_1.3.0 directory for all the scripts, Helmfile, env, etc files required by WebFOCUS CE.
     
             12. Deploy infra
    cd IBI_wfce_1.3.0/scripts/helmfile/infra source ../export-defaults.sh helmfile --state-values-file=../environments/oc-default.yaml.gotmpl sync Verify infra pods are up and running using command
    oc get pods -n webfocus Expected output as follows:

     
             13. Remove imagePullSecret (optional step - only needed if internal registry is used)
                   edit scripts/helmfile/environments/dev-wf.integ.yaml.gotmpl and remove all instances of
    imageInfo: imagePullSecrets: - name: ibi-docker-hub Once removed file would look like:
    appserver: # imagePullSecrets: # - name: ibi-docker-hub autoscaling: enabled: true #edaetc: # imagePullSecrets: # - name: ibi-docker-hub edaserver: # imagePullSecrets: # - name: ibi-docker-hub service: type: NodePort #sessionAffinity: ClientIP autoscaling: enabled: true clm: # imagePullSecrets: # - name: ibi-docker-hub service: annotations: {} type: NodePort autoscaling: enabled: false cachemanager: # imagePullSecrets: # - name: ibi-docker-hub service: type: NodePort autoscaling: enabled: true #etcd: # image: # pullSecrets: # name: ibi-docker-hub swego: enabled: true storage: accessMode: ReadWriteOnce global: # imageInfo: # imagePullSecrets: # - name: ibi-docker-hub prometheusAdapter: metricsServer: false prometheus: server: service: type: NodePort  
             14. Update Customer id and EUA in below file
                   IBI_wfce_1.3.0/scripts/helmfile/environments/wf.integ.yaml.gotmpl

    Also, update license key in IBI_wfce_1.3.0/scripts/license/license.txt
    Note: For customer id and license key contact Admin or ibi Support team.
             15. Deploy WebFOCUS
    Execute below command from directory: IBI_wfce_1.3.0/scripts/helmfile
    helmfile -e dev --state-values-file=environments/oc-default.yaml.gotmpl --state-values-set global.imageInfo.image.repository=default-route-openshift-image-registry.apps-crc.testing/webfocus/repo sync  
    Verify using pod status
    oc get pods -n webfocus You can expect output like one below

     
             16. Create Route to access apperver
    oc expose svc appserver View route:
    oc get route -n webfocus
     
    Now, access WebFOCUS
    http://appserver-webfocus.apps-crc.testing/webfocus/
    Credentials: secret/terces
     
    Troubleshooting
             1. Appserver goes in CrashLoopBackOff ?
    Appserver might not have enough resources so assign more resources. Also, try increasing initialDelaySeconds for livenessProbe and readinessProbe.
    oc edit sts appserver -n webfocus Example:

             
             2. 500 Gateway Timeout error
    Increase the timeout on the Openshift route to 2 minutes
    https://docs.openshift.com/container-platform/3.11/install_config/configuring_routing.html
    oc annotate route appserver --overwrite haproxy.router.openshift.io/timeout=120s  
    Thank you for your interest in WebFOCUS CE and we hope this documentation proves useful to you! 
    For any further assistance feel free to contact ibi Support team.
    Aniket Awchare
    The aim of this article is to explain what Global Name property is and how to configure it. 
    In the context of WebFOCUS, where maximizing efficiency and maintaining consistency are top priorities, the Global Name property shines as a vital tool for synchronization. This feature fundamentally alters the way filter control values are handled across multiple pages. 
    Understanding the Global Name Property
    At its core, the Global Name property serves as the linchpin in the synchronization process, nestled within the Settings tab of the Properties panel for a filter control. When activated, this property facilitates the synchronization of filter selections across multiple pages within the same browsing session, offering a significant advantage for Portal creation.
    Use Cases for Global Name Property
    Executive Dashboards: In a professional setting, executives often rely on comprehensive dashboards to monitor key performance indicators (KPIs) and objectives and key results (OKRs). By utilizing the Global Name property, content consumers can seamlessly switch between different views of the dashboard while maintaining consistency in filter selections, enabling quicker decision-making and analysis.
    Sales Performance Analysis: Sales teams benefit greatly from analyzing performance data across various dimensions such as region, product, and time period. With the Global Name property, the Leadership team can configure interactive reports that allow sales representatives to drill down into specific data subsets without losing sight of the broader context, enhancing their ability to identify trends and opportunities.
    Customer Segmentation: Marketing professionals leverage customer segmentation to tailor campaigns and promotions to specific demographics or purchasing behaviors. By employing the Global Name property, marketers can create dynamic reports/charts that adapt to changing segmentation criteria, ensuring that insights remain relevant

    Configuring the Global Name Filter Control Property: A Step-by-Step Guide
    Prepare Your Content: Begin by creating the charts or reports you desire using WebFOCUS Designer, ensuring consistency by using the same master file across all content.
    Launch WebFOCUS Designer in Assemble mode: Access the Hub and click on the “+” icon, selecting “Assemble Visualizations” to launch WebFOCUS Designer in assemble mode.
    Add Content to First Page: From the left navigation panel, navigate to the desired workspace within the “Content” tab and select the content you wish to add to the first page.
    Add Filters: From the left navigation panel, move to the “Filters” tab to add desired filters. You can either add all filters at once or selectively add them by right-clicking on each filter.
    Set Global Name Property: Choose the filter for which you wish to set the Global Name property. Within the Properties panel, under General Settings, locate the Global Name field and enter your desired name. This name will serve as the identifier for synchronization across pages. Save and Repeat: Save the page and repeat the process to create additional pages as needed, ensuring consistency in content and filter selection. Test Synchronization: Run the first page and update the filter value. Then, navigate to the second page, run it and observe how the filter control displays the updated value automatically. This bidirectional synchronization ensures that changes made on one page reflect instantaneously across all linked pages.

    The Global Name property in WebFOCUS is not merely a feature; it's a catalyst for efficiency and cohesion in your analytics endeavors. By following this step-by-step guide and exploring various use cases, you can harness its power to seamlessly synchronize filter selections across multiple pages, empowering you to navigate your analytics portal with unparalleled ease and precision.
     
    video1152876214.mp4
    John Racelis
    What is ibi Data Intelligence?
    Our platform is a unified data management solution that offers a comprehensive suite of tools for data integration, application integration and data quality improvement, empowering businesses to unlock the full potential of their data.
    What can I accomplish with ibi Data Intelligence?
    We understand that successfully leveraging data requires the collaboration between both the business and technology (IT) teams within organizations. The platform provides those teams with key features and capabilities, such as:
    Data Integration: Seamlessly connect disparate data sources, facilitate data movement, transformation and consolidation for a unified view. Application Integration: Facilitate communication between different applications to orchestrate, automate & streamline information exchange. Data Quality Improvement: Implement robust data quality checks & transformations to verify, cleanse & enrich your data to ensure high accuracy and reliability.
    These capabilities allow organizations the needed functions to solve their various use cases, regardless of industry, including:
    Enterprise Data Integration:  Large enterprises managing diverse data environments need to unify data from multiple sources for comprehensive business intelligence. Application Data Exchange: Organizations with multiple interdependent software applications need to ensure real-time data consistency across business applications. Data Quality Management: Businesses prioritizing data accuracy for compliance and reporting need to implement data cleansing & validation to ensure data integrity. How can I get started with ibi Data Intelligence?
    We recommend reaching out to your ibi account team and connecting with an Account Technology Strategist to review your use case and develop a solution strategy fit for your organization.
    Dave Pfeiffer
    Just when you think you’ve achieved something great, maybe even perfect, the world sometimes throws you a curve. Like many other things today, design processes and product strategies seem to be in a continuous state of evolution. While methodologies and core design principles hold strong, desired outcomes and the definitions of success somehow seem to change.
    A year ago I collaborated with Angie Hildack, ibi PM Lead, on an article titled “Welcome to the new WebFOCUS!” where we set the stage for the great things we had planned for the product. As I look back at the experience vision we described in that article and consider the progress we’ve made since then, I feel we are indeed delivering on that promise. Although it has not been without challenges and complexities we’ve needed to overcome. It’s become clear that attempting to solve some of the experience challenges we set out to address ended up introducing new challenges that also had to be met with careful consideration. There are times where solving one problem causes another, and then another, and another, etc. It’s a cycle of design exploration and iteration that is not new in the world of product design, but it is unique and challenging each time it occurs. The goals and the endpoint you strive for sometimes end up being quite different when you actually get there. In life, the destination is often relatively unknown and is entirely dependent on the journey itself. And more times than not, the old saying is absolutely true. It’s the journey that matters, not the destination. Of course in the world of product design, the destination absolutely matters. But the journey is every bit as rewarding if you look at it the right way.
    So how do we ensure the journey leads to the right destination? It’s important to periodically revisit the process, the goals, and the expected outcomes… and make adjustments accordingly as trends, audiences and needs change. With the increasing importance of designing for all user types, this heightened level of user awareness has naturally impacted the way we think and feel and design, which in turn, has altered our concept of the product design lifecycle. We plan longer release cycles with phases of incremental exploration, validation, and updates which allow more flexibility for course correction and problem solving. This provides us the best opportunity to evolve our design strategy as it unfolds while still keeping the destination, wherever and whatever it may be, in sight. 
    With WebFOCUS and the Hub in particular, we’ve spent the last few years heavily focused on reaching new audiences and leveraging modern technologies. We aim to draw greater performance and outcomes from data and provide improved reporting, visualization and collaboration capabilities for better real-time decision making. This of course is critical to our long-term strategy for growth and continued success. As for the journey… we continue to toe the line between old and new ways of working, traditional and modern ways of thinking, manual and automated workflows, back-end code and front end UI, etc. We’re working hard to connect the past with the future to ensure they complement each other with relative harmony. Can WebFOCUS be everything to everybody? Time will tell. We haven’t reached the destination yet so it’s hard to say with certainty. But we hope to come as close to this as we can. This is the journey we are on… and it is not ours alone. Through ongoing partnerships and collaboration with our customers, we travel this road together as we imagine, and re-imagine, the future of WebFOCUS. Together we will see the forest for the trees.
    We’ve come a long way this past year and continue to add key features of great value as planned. But it’s entirely possible the concept of a final destination may simply not exist. Even so, we’ll continue on this course and we’re glad to be sharing this journey with you. And as the saying goes, “a journey of a thousand miles begins with a single step”. This is very true. This past year was a great first step to realizing our vision and we’re excited about the possibilities in store for the future.
     
    Pablo Alvarez
    This article intends to cover what you need to secure your search in Solr and how it's connected to WebFOCUS.
    Sometimes, some of our sensitive data is stored in the WebFOCUS Repository or at the WebFOCUS Reporting Server Application folders (hold files that are not stored temporarily, for example) and Solr allows you to find almost everything under WebFOCUS, so when performing a search, the connection between Solr and WebFOCUS is not encrypted by default and uses HTTP protocol. With this article, we want to enhance your security by adding an extra SSL layer to the communications between Solr and WebFOCUS, enabling SSL in Solr and WebFOCUS, and making available the connection between them. You'll find a troubleshooting section and a tips section at the end. I do recommend to read the entire article, and, of course, if you have any doubts or comments about it, we're here to help!
    To enable SOLR to work under a secure connection, you’ll need to have a valid certificate with a fully qualified domain name to be used (FQDN), we’ll follow all the steps to create one on your own and use it to secure and encrypt your connection between our WebFOCUS Client and the SOLR service.

    Even if I used this under Windows, the same steps apply to Linux, also, I used the WSL (Windows Subsystem for Linux) on my box to perform some of the steps, but that’s not necessary if you have the required components or you’ve been already provided with a valid certificate, so you don’t need to generate a new one.

    The very first step was to create the certificate and the key for my machine. Here’s where I used the WSL (CentOS) to use the OpenSSL commands. But if you don’t want to install WSL, the easiest way to get OpenSSL on your Windows box is by installing Git for Windows and running the Git Bash utility that comes with it (it’ll open a command prompt window in which you can execute Linux commands) or PowerShell for Windows.

     
    If you have WSL, you may need to install the OpenSSL package, so you’ll need to follow your distribution updater package to get it.
    sudo apt install openssl
    Or
    sudo yum install openssl
    Note: You may want to upgrade your repositories and packages before installing it (sudo apt update && sudo apt upgrade / sudo yum update && sudo yum upgrade). Once the package is installed, you can run the OpenSSL command that will generate the key file and the certificate file we will use later
    To get the FQDN:
    $myFQDN = (Get-WmiObject Win32_ComputerSystem).DNSHostName + "." + (Get-WmiObject Win32_ComputerSystem).Domain
    >> Write-Host $myFQDN

    And to generate the key and certificate files:
    openssl req -x509 -newkey rsa:4096 -sha256 -days 3650 -nodes -keyout keyfile.key -out certificatefile.crt -subj "/C=US/ST=Oregon/L=Portland/O=Company Name/OU=Org/CN=yourfqdn" -addext "subjectAltName=DNS
    :yourfqdn,DNS:*.tibco.com,IP:10.0.0.1"
    The output will be similar to these screenshots:
     
     
     
    You’ll need to change the values (highlighted in red) to match your company name, organization unit, country, etc… (not really needed so that you can use the ones in the sample). Still, the most important part is the Common Name (CN), which’s the one that needs to match the URL you’ll be using on your browser to access WebFOCUS, and it has to contain the FQDN.
    The key thing here is that Solr expects to have a valid domain to create a real secure connection between environments.
    Note: I’ve also added as DNS the entire tibco.com domain, that way, this will work even if I add my region, like: https://machinename.emea.tibco.com
    Now that we have created the key and the certificate, we need to store it under a keystore, so the next step is creating it based on them:
    openssl pkcs12 -export -in tibco-pc1t3xv0.crt -inkey tibco-pc1t3xv0.key -out tibco-pc1t3xv0.p12

    You’ll be prompted for a password, so don’t forget which one you’ve selected as it’ll be used later.
    Lastly, we need this recently created certificate to be “trusted” by our environment, in case you can’t certify it with a CA (Certificate Authority like VeriSign, IdenTrust, DigiCert, Let's Encrypt, GoDaddy, or similar) or already have a certified one by these authorities, which is the recommended for Production environments, and even more if they are publicly available.
    Your server has a JDK installed (requirement for WebFOCUS) so, in order to validate it ‘internally’ we’ll use the cacerts keystore that comes with the JDK installation. You can check it’s content by executing the following command from the command prompt:
    For Java11: keytool -v -list -cacerts
    For Java 8: keytool -v -list -keystore <path to cacerts>\cacertsfile.ext
    Note: Keytool is a tool also provided in the JDK, so it has to be in the PATH variable of the OS to be able to execute it anywhere, if you don’t have it there, you can use the entire path to it to make it work.
    You’ll be prompted for a password, and the default one is ‘changeit’ (without quotes). You’ll see a bunch of certificates scrolling on your screen (usually around ~99). So if you also want to review them, just send that output to a text file you can check later:
    Java11: keytool -v -list -cacerts > C:\Temp\cacerts_content.txt
    Java8: keytool -v -list -keystore <path to cacerts>\cacertsfile.ext > C:\Temp\cacerts_content.txt
    The cacerts file is usually stored under %JAVA_HOME%\lib\security (or $JAVA_HOME/lib/security in Unix/Linux environments), but depending on how you have your environment configured, you may be using the one that comes with WebFOCUS (C:\ibi\WebFOCUS93\jdk) or Tomcat (C:\ibi\tomcat\jdk), not adding the -keystore parameter we’re making sure that we are importing our certificate in the cacerts file that the OS is reading.
    The command to import our certificate into that cacert file is:
    keytool -import -alias {aliasname} -cacerts -file {certificatename.cer} 
    So you should be using something like:
    Java11: keytool -import -alias mylocalcert -cacerts -file tibco-pc1t3xv0.crt
    Java8:  keytool -import -alias WF8207SSL -keystore <path to cacerts>\cacerts -file <path to crt>\WF8207SSL.crt
    keytool -import -alias mylocalcert -cacerts -file tibco-pc1t3xv0.crt
    Again, you’ll be prompted for the cacerts password and it’ll also ask you if you trust the certificate you are importing (obviously, you trust it, as you are the one who has created it).

    Now our certificate is also trusted, and these files will now be used in our WebFOCUS installation. I recommend applying them to Tomcat first, so we’ll be able to access WebFOCUS using SSL, then apply it to Solr, and finally connect both.

    So, even if it’s not needed, as long as you want to secure the connection between the WebFOCUS Client and Solr, you’ll probably want to secure the WebFOCUS Client as well, so now that we have the certificate, the key, and the keystore, we should be able to make that happen.
    For Tomcat, is as simple as adding the following block to the server.xml file located under Tomcat’s ‘conf’ folder:
    <!-- IBI SSL Port -->
        <Connector port="8443"
          protocol="org.apache.coyote.http11.Http11NioProtocol"
          maxThreads="150"
          maxPostSize="-1"
          URIEncoding="UTF-8"
          SSLEnabled="true"
          scheme="https"
          secure="true"
          keystoreFile = "C:\ibi\certs\tibco-pc1t3xv0.p12"
          keystoreType = "PKCS12"
          keystorePass = "keystorepasswd"
          ciphers="TLS_RSA_WITH_AES_128_CBC_SHA"
          clientAuth="false"
          sslProtocol="TLS"
          sslEnabledProtocols="TLSv1.2"/>
    <!-- IBI SSL Port END -->
    After that, you just need to restart Tomcat and you should be able to access via http (if you didn’t disable the 8080 port) and https.

     
    Note: If you still don’t get the ‘Certificate is valid’, just keep going, there’s an ‘Other Tips’ section at the end of the Article that may help you with this as well.
    If you don’t use the FQDN, you’ll see that the connection will appear as insecure (as the URL doesn’t match the certificate) even it’s using SSL:

     
    If you have any issues at any of the steps we’ve taken, don’t hesitate to write me at pablo.alvarez@cloud.com
    If you are using a different Application Server, you can also ping me or open a Support Ticket case.
    Do let me know if you want me to write another article about certificates by sending me an email requesting it 😉
    Now, we should focus on the Solr configuration. You have a ‘solr.in.*’ file (.sh for Unix/Linux, .cmd for Windows) under C:\ibi\WebFOCUS93\Solr\solr\bin (or ../ibi/WebFOCUS93/Solr/solr/bin if you are using a Linux/Unix environment), edit it and uncomment the following lines (and make sure the values matches the ones for your environment):
    set SOLR_SSL_ENABLED=true
    set SOLR_SSL_KEY_STORE=C:\ibi\certs\local\tibco-pc1t3xv0.p12
    set SOLR_SSL_KEY_STORE_PASSWORD=keystorepasswd
    set SOLR_SSL_TRUST_STORE=C:\ibi\certs\local\tibco-pc1t3xv0.p12
    set SOLR_SSL_TRUST_STORE_PASSWORD=keystorepasswd
    set SOLR_SSL_NEED_CLIENT_AUTH=false
    set SOLR_SSL_WANT_CLIENT_AUTH=false
    set SOLR_SSL_CLIENT_HOSTNAME_VERIFICATION=false
    set SOLR_SSL_CHECK_PEER_NAME=true
    set SOLR_SSL_KEY_STORE_TYPE=PKCS12
    set SOLR_SSL_TRUST_STORE_TYPE=PKCS12
    I also recommend uncommenting and changing the following line to get a more detailed log the first time to debug the issues you could face, and once it’s working properly, set it back to the default value (INFO) or even comment it out:
    set SOLR_LOG_LEVEL=INFO
    If all the previous steps were correctly performed, you should be able to restart the Solr service now and be able to access the Solr Dashboard via https: https://servername.company.ext:8983/solr
     

    The latest configuration part is to tell WebFOCUS that the connection between them is now being made using SSL, so you’ll need to access your WebFOCUS Client Administration Console Configuration and change the Solr Url to match the one you used to access the Dashboard:

    And that should be all, you are now connected in an even more secure way and performing secure searches within your data and WebFOCUS:

     
     
    TROUBLESHOOTING
    During the investigation on how to enable SSL (and make it work with WebFOCUS), -John Calappi (who was also an important part on this Technical Article and you can contact him as well 😜), and I found some issues. Even if we were able to start Solr with SSL, WebFOCUS wasn’t able to communicate with it and the message you receive is as follows:

     
    This is why I recommend you configure the DEBUG mode on Solr, to try to figure out why it’s not working.
    Our magnify_search.log files from WebFOCUS showed this messages:
    [2024-04-17 12:45:21,648] INFO  main - {} - SolrSearchClientFactory.init() initializing Solr client with: url: https://tibco-pc1t3xv0:8983/solr, username: , collection: ibi-protected
    [2024-04-17 12:45:21,650] INFO  main - {} - createSolrClient(): created SolrClient for url: https://tibco-pc1t3xv0:8983/solr
    [2024-04-17 12:45:21,672] ERROR main - {} - testClient(): error: IOException occurred when talking to server at: https://tibco-pc1t3xv0:8983/solr
    [2024-04-17 12:45:21,673] ERROR main - {} - createSolrClient(): Error testing Solr client
    [2024-04-17 12:45:21,673] ERROR main - {} - Error! Creating SolrClient
     
    Even the Solr service was started and we were able to access the Solr Dashboard using SSL.
    Checking the Solr logs in DEBUG mode showed us that the ‘handshake’ wasn’t being performed. The ‘handshake’ is when you try to communicate with the endpoint securely, but the endpoint doesn’t trust you and doesn’t perform the handshake.
     



     
    2024-04-08 12:38:40.340 WARN  (main) [   ] o.e.j.u.s.S.config No Client EndPointIdentificationAlgorithm configured for Client@20b9d5d5[provider=null,keyStore=file:///C:/ibi/certs/local/mokochino_pkcs12.jks,trustStore=file:///C:/Program%20Files/Java/jdk-11/lib/security/cacerts]
    2024-04-08 12:38:42.993 DEBUG (qtp1489193907-23) [   ] o.e.j.i.s.SslConnection fill NOT_HANDSHAKING
    2024-04-08 12:38:43.401 DEBUG (qtp1489193907-27) [   ] o.e.j.i.s.SslConnection DecryptedEndPoint@569cafab{l=/10.98.96.15:8983,r=/10.98.96.15:60038,OPEN,fill=-,flush=-,to=414/120000} stored fill exception => javax.net.ssl.SSLHandshakeException: Received fatal alert: certificate_unknown
        at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:131)
    javax.net.ssl.SSLHandshakeException: Received fatal alert: certificate_unknown
    We got these messages when the certificate wasn’t added to the cacerts file, and also when the keystore we used didn’t have the .key attached to it, so it was considered a ‘public’ certificate (like having a low fence or an open padlock, both are secure methods, but used incorrectly, so not secure at all). In order to have a proper handshake between products, the keystore needs to have the required files to accept the connections.
    OTHER TIPS
    Make sure that you are adding your certificate to the proper cacerts file, sometimes, there are several Java JDK releases installed and each one has its own cacerts file. For example, when you install WebFOCUS, sometimes it also includes its own jdk (C:\ibi\WebFOCUS93\jdk) or even under Tomcat you can have another one (C:\ibi\tomcat\jdk), Linux/UNIX environments doesn’t usually have them, but Windows does. In that case, I usually delete those ones and use the mklink command to create symbolic links (similar to the Linux ones, not Windows shortcuts) just in case that there’s some hardcoded path pointing there. You could use it as follows:
    mklink /D {destination} {source}
    Sample:
    mklink /D C:\ibi\WebFOCUS93\jdk C:\Progra~1\Java\jdk11              
    It is also recommended to add your new certificate into your client OS, so any browser you use can also trust this one on their side. From your Windows OS, double-click on your .crt file (you can copy the file from the server or the content of it as it’s just a plain-text file) and you’ll see something like this:

    Click on the Install Certificate… and place it under the Trusted Root Certification Authorities:

    After finishing this process, you’ll see that certificate as valid:

    Another option to have SSL in your WebFOCUS Installation that Ben Naphtali also suggested is to put in front of our install a Load Balancer like NGINX and have that using SSL. That way, even if you don’t have SSL configured in WebFOCUS, you won’t be able to access it without going first to NGINX in a secure way (NGINX will manage and redirect the petitions to WebFOCUS and Solr). NGINX, Apache WebServer using the mod_proxy module or mod_jk, or any Load Balancer should work for this.
    As said before, let me know if you want me to write another Technical Article about how to properly install the Load Balancer in front of your WebFOCUS install to secure it, this will also allow you to have different WebFOCUS Clients to handle HighAvailability features in production environments.
    You could also enable SSL in the WebFOCUS Reporting Server Side, but that part is perfectly described in the Security & Administration Manual, so you just need to follow that one to make it work.
    Happy & Secure connections!
    Pablo Alvarez
×
×
  • Create New...
© 2024 Cloud Software Group, Inc. All rights reserved.